Prestashop 1.4: Urgent Security Update is Required – herfix.php

Attention Prestashop Users: The Security Fix email that has been sent out by Prestashop is legitimate and a fix is required to many 1.4 installations.

The procedure is to change your database password, download a fix file from the Prestashop website to the root of your site and run it. The file deletes itself once it has run with the message “OK” displayed.

How to change your database password with cPanel

If you don’t know how to change your database password, here’s how.

1. Using an FTP program open the config/settings.php file for your Prestashop 1.4 installation. It will tell you the database name and the username you are currently using. Look for the line that contains the line _DB_USER_ – note down this username
2. Log in to cPanel
3. Go to MySQL Databases
4. Scroll down to the section “Current Users”
5. Find the user referred to in the config/settings.php file and DELETE it by clicking the red cross next to the name
6. Under the heading “Add new user” and add the username again that you have just deleted but choosing a new password. The generate password button can help you.
7. The user needs to be added to the database. Under “Add user to database” on the same screen, select the user you just created and then the database that applies to your Prestashop 1.4 shop. Click “Add” and then choose “All Priviledges” from the screen that appears.

You’re done! Now follow the instructions on the Prestashop blog to fix the issue. Make sure that you substitute myshop.com for your own domain name when you run the fix file.

Why lowering the gst import threshold will not work

The latest and greatest idea to slow the growth of consumers buying online is to lower or eliminate the gst threshhold for imports. The argument for this is that by forcing people to pay gst on their overseas imports, fewer people will buy online and instead head back to the shopping malls. The reality of this is that since a large percentage of international orders are lower value, having to pay gst on those items will not significantly change consumer’s behavoiur – especially with the Australian dollar so high in value. Because shipping prices in Australia are very high compared to overseas, local retailers will still be competing with foreign sellers who can ship items to Australian consumers cheaper than an Australian seller.

What about the cost of collection? The paperwork required to complete customs forms can be long and involved, and if this process isn’t going to be streamlined (involving the cost of review, changing and communication of the change), then there will be significant costs in collecting the tax when items arrive. It will also push up shipping times for Australian sellers importing goods from all of the extra paperwork being performed by customs agents.

The solution to the issue is not applying a tax on consumer buyers importing goods into Australia, it’s helping Australian businesses be more competitive on their shipping costs within Australia. It should not be the case that it’s cheaper for a foreign seller to send an item to an Australian consumer from a foreign country cheaper and faster than a domestic seller can send it to that same Australian from here. Does Australia Post needs a review?